[ GLSA 200507-22 ] sandbox: Insecure temporary file handling

From: Sune Kloppenborg Jeppesen (jaervosz_at_gentoo.org)
Date: 07/25/05

  • Next message: Sune Kloppenborg Jeppesen: "[ GLSA 200507-23 ] Kopete: Vulnerability in included Gadu library" 
    To: gentoo-announce@gentoo.org
Date: Mon, 25 Jul 2005 20:06:22 +0200

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory GLSA 200507-22
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                                http://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

      Severity: Low
         Title: sandbox: Insecure temporary file handling
          Date: July 25, 2005
          Bugs: #96782
            ID: 200507-22

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Synopsis
    ========

    The sandbox utility may create temporary files in an insecure manner.

    Background
    ==========

    sandbox is a Gentoo Linux utility used by the Portage package
    management system.

    Affected packages
    =================

        -------------------------------------------------------------------
         Package / Vulnerable / Unaffected
        -------------------------------------------------------------------
      1 sys-apps/sandbox < 1.2.11 >= 1.2.11

    Description
    ===========

    The Gentoo Linux Security Audit Team discovered that the sandbox
    utility was vulnerable to multiple TOCTOU (Time of Check, Time of Use)
    file creation race conditions.

    Impact
    ======

    Local users may be able to create or overwrite arbitrary files with the
    permissions of the root user.

    Workaround
    ==========

    There is no known workaround at this time.

    Resolution
    ==========

    All sandbox users should upgrade to the latest version:

        # emerge --sync
        # emerge --ask --oneshot --verbose ">=sys-apps/sandbox-1.2.11"

    Availability
    ============

    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:

      http://security.gentoo.org/glsa/glsa-200507-22.xml

    Concerns?
    =========

    Security is a primary focus of Gentoo Linux and ensuring the
    confidentiality and security of our users machines is of utmost
    importance to us. Any security concerns should be addressed to
    security@gentoo.org or alternatively, you may file a bug at
    http://bugs.gentoo.org.

    License
    =======

    Copyright 2005 Gentoo Foundation, Inc; referenced text
    belongs to its owner(s).

    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.0

  • Next message: Sune Kloppenborg Jeppesen: "[ GLSA 200507-23 ] Kopete: Vulnerability in included Gadu library"

    Relevant Pages

    • [Full-disclosure] [ GLSA 200507-22 ] sandbox: Insecure temporary file handling
      ... The sandbox utility may create temporary files in an insecure manner. ... sandbox is a Gentoo Linux utility used by the Portage package ... The Gentoo Linux Security Audit Team discovered that the sandbox ...
      (Full-Disclosure)
    • RE: Sandboxie
      ... No sandbox product is fool proof. ... Java's first security model was fairly secure. ... the vulnerabilities began to appear in earnest. ... When the underlying OS or app is updated, ...
      (Security-Basics)
    • RE: Sandboxie
      ... No sandbox product is fool proof. ... Java's first security model was fairly secure. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic ...
      (Security-Basics)
    • [Full-disclosure] [ GLSA 200606-11 ] JPEG library: Denial of Service
      ... Bugs: #130889 ... Tavis Ormandy of the Gentoo Linux Auditing Team discovered that the ... Security is a primary focus of Gentoo Linux and ensuring the ... Creative Commons - Attribution / Share Alike license. ...
      (Full-Disclosure)
    • Re: Sandboxie
      ... No sandbox product is fool proof. ... Java's first security model was fairly secure. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ...
      (Security-Basics)